Managing a payment card account and protecting cardholder data requires a significant commitment of staff time and funding. The department needs to ensure that it has managerial, fiscal, and technological expertise to manage a payment card account.
Obtaining Approval to Accept Payment Cards
- Department consults with their RRC’s Chief Financial Manager or RRC Contact to discuss the business needs for accepting revenue via payment card and the department’s managerial, fiscal, and technological expertise for managing a payment card account.
- Department consults with Accounts Receivable Services to discuss business requirements and payment card processing options.
- Department reviews pertinent policies, procedures, and standards to ensure it is prepared to meet all requirements. Related Administrative Policies, procedures, and standards include:
- Accepting Revenue Via Payment Cards
- Entering Into Contracts
- Acceptable Use of Information Technology Resources
- Reporting and Notifying Individuals of Information Security Breaches
- Information Security
- Information Security Risk Management
- Background Checks and Verifications
- Managing University Records and Information
- The current version of the Payment Card Industry Data Security Standards (PCI DSS)
- Department designates a Payment Card Manager for the account.
- Payment Card Manager completes the Payment Card Account Form (UM1609) and sends to Accounts Receivable Services at firstname.lastname@example.org.
- Accounts Receivable Services will work with the requesting department, University Information Security, Purchasing Services, and Office of the General Counsel to ensure thorough review of the request.
- Accounts Receivable Services will notify the department once the request has been reviewed. Not all requests are approved.
NOTE: Once a request is approved, please allow at least 3-4 weeks for payment card account setup and testing.